On Sat, Dec 04, 2021 at 12:13:49PM +, lik...@gmx.de wrote:
> Hi,
>
> I'm using in my saltstack formulas creating of repositories in a debian
> template e.g.
>
> add-repo:
> pkgrepo.managed:
> - name: deb http://repository.spotify.com stable non-free
> - file: /etc/apt/sources.list.d/spotify-client.list
> - humanname: spotify
> - keyid: 5E3C45D7B312C643
> - keyserver: keys.openpgpg.org
> - gpgkey: https://download.spotify.com/debian/pubkey_5E3C45D7B312C643.gpg
> - gpgcheck: 1
>
> Unfortunately, I get this error after execution:
> ID: add-repo
> Function: pkgrepo.managed
> Name: deb http://repository.spotify.com stable non-free
> Result: False
> Comment: Failed to configure repo 'deb [trusted=yes]
> http://repository.spotify.com stable non-free': Error: key retrieval failed:
> Executing: /tmp/apt-key-gpghome.xyY44SvGz1/gpg.1.sh --batch --keyserver
> keys.openpgpg.org --logger-fd 1 --recv-keys 5E3C45D7B312C643
> gpg: keyserver receive failed: Network is unreachable
>
> Any ideas how to fix that? Is that connected that templates are using a proxy
> for outbound connections which salt is not able to use for retrieving keys?
> Btw. none of the options works: keyid + keyserver nor gpgkey. I just added
> both of the in the salt snipped.
>
> Thanks! P.
>
It is connected - you can find the solution online for using gpg behind
a proxy.
I have a note on this at http://github.com/unman/notes/ - that's a way
to get keys in to the template. Run that and keep the key retrieval out
of the salt state. Its workable.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/YatyMDtmykpY9NoY%40thirdeyesecurity.org.
